https://github.com/google/comprehensive-rust/security/code-scanning points out 7 issues with our workflows having too broad (default) permissions for our GITHUB_TOKEN. We should reduce the permissions to the minimal necessary permissions to not risk the integrity & security of our repository and organization.
This can be done by adding a permission to the job or workflow. See https://docs.github.com/en/actions/tutorials/authenticate-with-github_token for more details or the code-scanning page.
After fixing this issue, we should also try to find out if this can create issues like Dependabot already does to receive a notification for these issues.
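
A sketch of the kind of change described above, added here as an illustration and not taken from the issue or from the repository's own workflows. The workflow name, job names, steps and the `book/` path are hypothetical; the `permissions` keys and scopes are the documented GitHub Actions ones.

```yaml
# Hypothetical workflow: names, steps and paths are assumptions for illustration.
name: build-and-publish

on:
  push:
    branches: [main]
  pull_request:

# Workflow-level default. With no `permissions` key at all, GITHUB_TOKEN gets
# the repository/organization default, which can be read/write on every scope.
# Declaring the key here makes every job read-only unless it overrides it.
permissions:
  contents: read

jobs:
  test:
    # No job-level block: inherits `contents: read` from the workflow level.
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: cargo test

  publish:
    if: github.event_name == 'push'
    needs: test
    runs-on: ubuntu-latest
    environment:
      name: github-pages
    # A job-level block replaces the workflow-level one entirely; every scope
    # not listed here is set to `none`, so list only what this job needs.
    permissions:
      contents: read    # check out the repository
      pages: write      # publish the Pages deployment
      id-token: write   # OIDC token requested by actions/deploy-pages
    steps:
      - uses: actions/checkout@v4
      - run: echo "build the site into book/ here"   # placeholder build step
      - uses: actions/upload-pages-artifact@v3
        with:
          path: book/   # hypothetical output directory
      - uses: actions/deploy-pages@v4
```

Write scopes stay confined to the one job that publishes, so a compromised step in `test` (which also runs on pull requests) only ever holds a read-only token.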